SSL: key exchange 0 different from KEX_RSA (16)

[Guy Deffaux <guy () GeckoTechnology com>]

Has anyone seen this problem before? I am testing Wireshark 1.3.5 with 
SSL. Certs have been created with the 2 following commands (so I get the 
-----BEGIN RSA PRIVATE KEY----- content for private key, Wireshark loads 
it properly)

openssl genrsa -out privkey1.pem 2048
openssl req -new -x509 -days 1000 -out pubcert1.pem -nodes -key 
privkey1.pem -subj /CN=192.168.1.2

Calling the server via a "curl -k", communication goes ok. Snooping the 
traffic, I get the following message which prevents the message decryption.

dissect_ssl enter frame #8 (first time)
  conversation = 06311878, ssl_session = 06311BDC
  record: offset = 0, reported_length_remaining = 198
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 134, ssl state 0x13
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, 
remaining 139
---> ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA 
(16) <---
dissect_ssl3_handshake can't decrypt pre master secret
  record: offset = 139, reported_length_remaining = 59

Has anyone seen this?

I have uploaded pcap file, wireshark log, priv and cert at 
http://www.geckotechnology.com/sites/default/files/sslissue_100705.zip

Any hint is welcome.

guy
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe